kantver - Fotolia
Mobile geofencing and geolocation services allow IT to secure enterprise resources and physically track mobile devices.
Administrators can use geolocation to find a lost or stolen device, for example. And geofencing can identify when a device passes in or out of a secure area. Because geolocation and geofencing have proven to be such effective technologies, administrators are turning to them as part of their mobile device management (MDM) strategies.
How geolocation services work
Geolocation refers to the process of determining an object's position on a real-world map, based on its latitude and longitude. The rise of smartphones has been instrumental in putting geolocation services on the map, so to speak; most now including a Global Positioning System (GPS) chip to facilitate location services.
The GPS chip enables a device to run apps that use a person's physical location to provide specific information or services. For example, Google Maps provides driving directions from where you are to where you want to go, and Uber knows where your driver should pick you up.
Geolocation services are not reliant on GPS alone, however. They can also use Wi-Fi network proximity, cell-tower triangulation and even IP addresses, although GPS remains the most accurate method. When a GPS signal is weak or unavailable, the geolocation service can turn to one or more of the other methods, often in conjunction with GPS itself.
Geolocation capabilities have become standard fare in MDM products. A lost or stolen device can represent a serious security concern, but as long as it's turned on and the tracking mechanism is enabled, an IT administrator can usually pinpoint its location. IT can also use geolocation to track corporate-owned mobile assets and push documents or apps to devices. Administrators might, for example, stagger releases based on location.
Geolocation services can also track workers suspected of questionable behavior, such as entering a restricted area or visiting a competitor's headquarters, or it can be used for multifactor user authentication. If a worker is supposed to be in Kansas, but the connection attempt is coming from Asia, something is likely wrong.
The use cases for mobile geofencing
Geofencing refers to the process of defining a virtual boundary, or geofence, around a specific physical area. A geofencing service specifies the coordinates that define the perimeter and controls other settings, such as the duration of the geofence's existence. Geolocation and geofencing work together. A tracked device that moves into or out of the fenced area triggers an event, which is then reported back to an appropriate system, such as an MDM server.
Traditionally, a geofence was considered to be a specific physical area with a circular perimeter. Geofencing services have since become more sophisticated, allowing polygon-shaped perimeters with granular controls down to the street level.
When it comes to MDM and corporate security, there are many use cases for mobile geofencing. For example, a company might have a set of iPads for customers to use when they're on-premises. IT can create a geofence that defines the area in which customers can use the devices. If a customer leaves that area, IT receives a notification and can then take appropriate action, such as locating the device or wiping its contents.
Mobile geofencing also allows for app- and data-level control, such as disabling the camera on a tracked device when a worker enters a classified area, or preventing off-site users from downloading sensitive information. In addition, geofencing can play a role in multifactor authentication, just as geolocation does. An organization can use geofencing to verify that a device is physically located within the workplace perimeter before allowing the user to authenticate to the corporate network.
Part 2 of this article explores the privacy implications of geolocation and geofencing services.